• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.8B
• /
• pp.630-636
• /
• 2012

In this paper, we propose an improved Multi Gray-Leveling scheme which reduces the problems of the existing Multi Gray-Leveling scheme suggested as a way of prevention against call spam in VoIP environment. The existing scheme having two different time period distinguishes the possibility of call spam by checking the call interval, so that it prevents the spammer's avoidance controlling the call interval. This is the strength of the existing one but it can misunderstand the normal user as a spammer due to taking long term time period. To solve this problem, this paper proposes the upgrade scheme which utilizes the receiver's action pattern as well as the caller's action pattern. It has such a good strength that can do gray leveling via the collected information in the database of VoIP service provider without user's direct involvement. Hence it can be a very effective way of VoIP spam detection.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.205-211
• /
• 2015

Recently, a mobile communication network and the wireless terminal is suddenly develop, mobile office service is more and more the sportlight. However, the user may receive an attack from a malicious third party if the up/download the data in the remote to perform the work in a mobile office environment. In this paper, we propose scheme to manage the information lost due to theft smartphone that contain spill prevention personal information and company information from the mobile office environment (call history, incoming messages, phonebook, calendar, location information, banking information, documents, etc.). The proposed scheme using the number of triangular fuzzy information about the state of the personal information and business intelligence to implement a pair-wise comparison matrix. In particular, the proposed scheme is to prevent the value obtained by constructing a pair-wise comparison matrix for personal information and business intelligence and pair your smartphone is lost when a third party not allow access to personal information and corporate information is leaked to the outside.

• Convergence Security Journal
• /
• v.11 no.5
• /
• pp.3-12
• /
• 2011

According to the NIS, damages due to leaking industrial technology are reaching tens of trillion won. The type of damages are classified according to insider leaks, joint research, and hacking, illegal technology leaks and collaborated camouflaged. But 80% of them turned out to be an insider leak about connecting with physical security. The convergence of IT and non IT is accelerating, and the boundaries between all area are crumbling. Information Security Industry has grown continuously focusing Private Information Security which is gradually expanding to Knowledge Information Security Industry, but Information Security Industry hereafter is concentrated with convergence of IT Security Technology and product, convergence of IT Security and Physical Security, and IT convergence Industry Security. In this paper, for preventing company information leaks, logical security and physical security both of them are managed at the same level. In particular, using convergence of physical security systems (access control systems, video security systems, and others) and IT integrated security control system, convergence security monitoring model is proposed that is the prevention of external attacks and insider leaks, blocked and how to maximize the synergy effect of the analysis.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.43-50
• /
• 2019

In a hyper-connected society, electric power infrastructures and information and communication infrastructures are the core of critical national infrastructures. However, electric power infrastructure is very deadly to high-frequency nuclear electromagnetic pulse (HEMP) threats recently issued by North Korea, so the resilience through rapid recovery after attack is directly related to the survivability of our country. Therefore, electric power infrastructure should take precedence over any other key infrastructure, with preemptive protection measures and fast recovery plans. In this paper, the characteristics of the HEMP threats was examined, and the risks and effective major protection measures of the electric power infrastructures are discussed. In the future, it is expected that it will be able to help establish the direction of enactment and revision of legal schems related to the 'high power EMP infringement prevention' for Korea's electric power infrastructures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.523-533
• /
• 2014

It has been spent too much time to figure out the incident route when we are facing computer security incident. The incident often recurs moreover the damage is expanded because critical clues are lost while we are wasting time with hesitation. This paper suggests to build a Digital Evidence Map (DEM) in order to find out the incident cause speedy and accurately. The DEM is consist of the log chain which is a mesh relationship between machine data. And the DEM should be managed constantly because the log chain is vulnerable to various external facts. It could help handle the incident quickly and cost-effectively by acquainting it before incident. Thus we can prevent recurrence of incident by removing the root cause of it. Since the DEM has adopted artifacts in data as well as log, we could make effective response to APT attack and Anti-Forensic.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3290-3299
• /
• 2000

Digital watermarking has similar concepts with channel coding thechnique for transferring data with minimizing error in noise environment, since it should be robust to various kinds of data manipulation for protecting copyrights of multimedia data. This paper proposes a digital watermarking technique which is robust to various kinds of data manipulation. Intellectual property rights information is encoded using a convolutional code, and block-interleaving technique is applied to prevent successive loss of encoded data. Encoded intelloctual property rithts informationis embedded using spread spectrum technique which is robust to cata manipulation. In order to reconstruct intellectual property rights information, watermark signalis detected by covariance between watermarked image and pseudo rando noise sequence which is used to einbed watermark. Embedded intellectual property rights information is obtaned by de-interleaving and cecoding previously detected wtermark signal. Experimental results show that block interleaving watermarking technique can detect embedded intellectial property right informationmore correctly against to attacks like Gaussian noise additon, filtering, and JPEG compression than general spread spectrum technique in the same PSNR.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.779-786
• /
• 2003

We propose a correction security framework as next generation security technology to provide secure and reliable Internet services. The framework guarantees durability of the services in spite of external attack, intrusion, vulnerability for fault tolerance, and network management technology that covers the set of techniques aimed at providing rapid service recovery. The improvement technology includes system itself improvement and synamic improvement preventing faults from being re-activated, in cooperation with other systems such as vulnerability anaysis system, NMS, ESM. It is expected that our framework will be applied to global networks as well as system alone, and be able to guarantee the network survivability and reliable Internet services.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1409-1415
• /
• 2013

With the development of Internet communication and the use of a variety of online services has been greatly expanded. Therefore, the importance of authentication techniques for users of online services has increased. The most commonly used methods for user authentication is a technique that utilizes a prearranged password. However, the existing password scheme for authentication must use the same password every time. Therefore, the password being leaked by attackers, it can be used maliciously. In this paper, we proposed the Variable Password Generation Method in Internet Authentication System that generates a new password using information such as the access date, time, and IP address when user logs in. The method proposed in this paper prevents disclosure of personal information due to password exposure and improves the reliability and competitiveness in the field of security systems.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.731-740
• /
• 2001

Multi-distributed web cluster model expanding conventional cluster system is the cluster system which processes large-scaled work demanded from users with parallel computing method by building a number of system nodes on open network into a single imaginary network. Multi-distributed web cluster model on the structured characteristics exposes internal system nodes by an illegal third party and has a potential that normal job performance is impossible by the intentional prevention and attack in cooperative work among system nodes. This paper presents the mutual authentication protocol of system nodes through key division method for the authentication of system nodes concerned in the registration, requirement and cooperation of service code block of system nodes and collecting the results and then designs SNKDC which controls and divides symmetrical keys of the whole system nodes safely and effectively. SNKDC divides symmetrical keys required for performing the work of system nodes and the system nodes transmit encoded packet based on the key provided. Encryption packet given and taken between system nodes is decoded by a third party or can prevent the outflow of information through false message.

• Journal of KIISE:Databases
• /
• v.37 no.4
• /
• pp.209-219
• /
• 2010

Online social network services that are rapidly growing recently store tremendous data and analyze them for many research areas. To enhance the effectiveness of information, companies or public institutions publish their data and utilize the published data for many purposes. However, a social network containing information of individuals may cause a privacy disclosure problem. Eliminating identifiers such as names is not effective for the privacy protection, since private information can be inferred through the structural information of a social network. In this paper, we consider a new complex attack type that uses both the content and structure information, and propose a model, $\ell$-degree diversity, for the privacy preserving publication of the social network data against such attacks. $\ell$-degree diversity is the first model for applying $\ell$-diversity to social network data publication and through the experiments it shows high data preservation rate.